Fortinet FortiExtender is a remote access server used by organizations to securely connect employees to their company network. However, this vulnerability allows an authenticated attacker to execute unauthorized code or commands via a specific HTTP request, potentially leading to unauthorized system changes and data breaches.
You're affected if you use A improper neutralization of special elements used. Affected versions: 7.4.7, 7.6.3 If you don't recognise this software, you're probably not affected.
Upgrade to FortiExtender 7.6.4 or above from the official Fortinet website: https://support.fortinet.com/support/downloads
- Immediately restrict network access to your FortiExtender instance (firewall it from the public internet) as a temporary mitigation.
- Monitor for unauthorized token creation and audit admin account activity for suspicious access patterns.